Balloons and double encoding and Bootstrap, Oh Dear!

Posted on January 23, 2018 by Jacob Bennett and Michael Dyrynda

Jake and Michael discuss Laracon announcements, new framework features, model caching, and more.

Show links

141: Web Application Security, Part 2 with Scott Arciszewski

Posted on January 19, 2018 by Michael Budd, Fraser Hart, Lewis Cains, Edd Mann

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.

Show Links

140: Web Application Security, Part 1 with Scott Arciszewski

Posted on January 18, 2018 by Michael Budd, Fraser Hart, Lewis Cains, Edd Mann

In this weeks episode we chat with Scott Arciszewski about all things Security and Cryptography. We start off the show by explaining how he got interested in this field of work, correcting PHP security related answers on Stack Overflow and why he focuses on PHP security. From here, we move on to highlight what the OWASP Top Ten is, how you can distill many security principles into data/code seperation and what is involved in a software audit. This leads us on to discuss what HTTPS actually is, touching on TLS, PKI’s, Ciphersuites, and reported attacks against TLS and ECB. Finally, we highlight some important browser security features that can be used, pushing new software releases in a secure manor, thoughts on Cryptocurrencies and how everyone wants to solve their problem with a blockchain at this time.

Show Links

Episode 43: The one where we Marvel at Sketch

Posted on January 17, 2018 by Beau Simensen & Dave Marshall

91: We push the wrong button

Posted on January 17, 2018 by PHPUgly

Recorded January 11, 2018

Topics

Ruby Still isn't dead
Tom's first sober presentation - Cats and OOP
Pay scale for remote workers - How do you determine your worth
Ninth Circuit Doubles Down: Violating a Website’s Terms of Service Is Not a Crime
The Internet's Own Boy: The Story of Aaron Swartz | full movie (2014)
Playing with docker
PHP 7.3 will include a new hrtime() function to provide a high-resolution monotonic timer and overcome the limitations of microtime() https://t.co/CRhMnAtFry (more about monotonic clocks: https://t.co/DlS2cPF0hE) pic.twitter.com/opnwlAb2VK— Symfony News (@symfony_en) January 8, 2018
Roave/FunctionFQNReplacer
Github is monitoring package-lock.json and package.json for security vulnerabilities
Kodak soars on crypto-currency plans
Upcoming Events | Bots, Tots, and Lunchboxes: Learn with Your Kids (San Diego, CA)
Our Meetups - SDPHP and PeakPHP
Southeast PHP Conference
Write a quantum program

MageTalk Episode 157 – “We Shan’t Speak About Monrovia”

Posted on January 15, 2018 by philwinkle

Show Notes

2018 Predictions – Tim Bezhashvyly Edition???!!!
mage2.tv beta just launched!
- Twitter announcmenet
Meet Magento India 2018 – Wagento killing it!
REACTICON in Netherlands in March 2018
Cowie to CTO @ Shero
Mark Shust back in Magento game (going to Jamersan)
MAMP Pro
Ecommerceaholic shout out
Magento announces 2.3
- Advanced CMS
- MSI
- PHP 7.2 compatibility
- Live preview this month
- New developer certs before Q2

Transcript

Coming Soon!

MageTalk Classics – James Zetlen, Tony Brown and Brendan Falkowski

Posted on January 11, 2018 by philwinkle

We’re still vacationing hardcore in the islands so we’re bringing you this classic episode from April 2017 you might have missed! James Zetlen, Tony Brown of Space48 and Brendan Falkowski join us to talk Imagine 2017 announcements and frontend tooling as well as a possible future with PWAs

Guests

Tony Brown, Space 48 – @tonegolf71
Brendan Falkowski, Gravity Dept – @falkowski
James Zetlen, Magento Commerce – @jameszetlen

Hosts

Phillip Jackson – @philwinkle
Kalen Jordan – @kalenjordan
Brian Lange – @brianjlange

Credits

Mallory Triana – Transcription
Rebecca Brocton – Show Notes
Chris Harry – Production and Editing

Show Notes

Coming soon!

Episode 42: The one with the CPU vulnerabilities

Posted on January 10, 2018 by Beau Simensen & Dave Marshall

90: We melt down

Posted on January 9, 2018 by PHPUgly

Recorded December 28, 2017

Topics

How we handle our kids exposure to the internet
System76 now accepting bitcoin
Using a tablet/ipad and not needing a full desktop anymore
AWS Cloud9 – Cloud Developer Environments | AWS News Blog
Up | Deploy serverless apps in seconds
Edward Snowden made an app to protect your laptop
Meltdown and Spectre exploit critical vulnerabilities in modern processors

Laravel releases, Laracon Online, and soft edges

Posted on January 9, 2018 by Jacob Bennett and Michael Dyrynda

Jake and Michael return for 2018 and catch up on several framework releases from the break, discuss the upcoming Laracon Online, and community projects from Chris Fidao and Steve Schoger.

Show links